diff options
| author | Bruce Ashfield <bruce.ashfield@windriver.com> | 2014-04-23 23:30:47 -0400 |
|---|---|---|
| committer | Bruce Ashfield <bruce.ashfield@windriver.com> | 2014-04-23 23:30:47 -0400 |
| commit | 693b0eb259816510b5fc6123ef6cc72138154b31 (patch) | |
| tree | fbd9fcca12e20de8e9a79afac7973aaa5bfa2f1b /meta-openstack/recipes-devtools/python/python-keystone | |
| parent | 29f2754423d4329136b314824a2637a8b02aefe4 (diff) | |
| download | meta-cloud-services-693b0eb259816510b5fc6123ef6cc72138154b31.tar.gz | |
keystone: add barbican users, roles and endpoints
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Diffstat (limited to 'meta-openstack/recipes-devtools/python/python-keystone')
| -rw-r--r-- | meta-openstack/recipes-devtools/python/python-keystone/identity.sh | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/meta-openstack/recipes-devtools/python/python-keystone/identity.sh b/meta-openstack/recipes-devtools/python/python-keystone/identity.sh index 593801f..fcd8898 100644 --- a/meta-openstack/recipes-devtools/python/python-keystone/identity.sh +++ b/meta-openstack/recipes-devtools/python/python-keystone/identity.sh | |||
| @@ -79,34 +79,36 @@ if [ $? -eq 1 ]; then | |||
| 79 | else | 79 | else |
| 80 | NEUTRON_USER=$(keystone user-get neutron | grep " id " | get_field 2) | 80 | NEUTRON_USER=$(keystone user-get neutron | grep " id " | get_field 2) |
| 81 | fi | 81 | fi |
| 82 | |||
| 83 | keystone user-get cinder | 82 | keystone user-get cinder |
| 84 | if [ $? -eq 1 ]; then | 83 | if [ $? -eq 1 ]; then |
| 85 | CINDER_USER=$(keystone user-create --name=cinder --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=cinder@domain.com | grep " id " | get_field 2) | 84 | CINDER_USER=$(keystone user-create --name=cinder --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=cinder@domain.com | grep " id " | get_field 2) |
| 86 | else | 85 | else |
| 87 | CINDER_USER=$(keystone user-get cinder | grep " id " | get_field 2) | 86 | CINDER_USER=$(keystone user-get cinder | grep " id " | get_field 2) |
| 88 | fi | 87 | fi |
| 89 | |||
| 90 | keystone user-get ceilometer | 88 | keystone user-get ceilometer |
| 91 | if [ $? -eq 1 ]; then | 89 | if [ $? -eq 1 ]; then |
| 92 | CEILOMETER_USER=$(keystone user-create --name=ceilometer --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=ceilometer@domain.com | grep " id " | get_field 2) | 90 | CEILOMETER_USER=$(keystone user-create --name=ceilometer --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=ceilometer@domain.com | grep " id " | get_field 2) |
| 93 | else | 91 | else |
| 94 | CEILOMETER_USER=$(keystone user-get ceilometer | grep " id " | get_field 2) | 92 | CEILOMETER_USER=$(keystone user-get ceilometer | grep " id " | get_field 2) |
| 95 | fi | 93 | fi |
| 96 | |||
| 97 | keystone user-get heat | 94 | keystone user-get heat |
| 98 | if [ $? -eq 1 ]; then | 95 | if [ $? -eq 1 ]; then |
| 99 | HEAT_USER=$(keystone user-create --name=heat --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=heat@domain.com | grep " id " | get_field 2) | 96 | HEAT_USER=$(keystone user-create --name=heat --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=heat@domain.com | grep " id " | get_field 2) |
| 100 | else | 97 | else |
| 101 | HEAT_USER=$(keystone user-get heat | grep " id " | get_field 2) | 98 | HEAT_USER=$(keystone user-get heat | grep " id " | get_field 2) |
| 102 | fi | 99 | fi |
| 103 | |||
| 104 | keystone user-get swift | 100 | keystone user-get swift |
| 105 | if [ $? -eq 1 ]; then | 101 | if [ $? -eq 1 ]; then |
| 106 | SWIFT_USER=$(keystone user-create --name=swift --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=swift@domain.com | grep " id " | get_field 2) | 102 | SWIFT_USER=$(keystone user-create --name=swift --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=swift@domain.com | grep " id " | get_field 2) |
| 107 | else | 103 | else |
| 108 | SWIFT_USER=$(keystone user-get swift | grep " id " | get_field 2) | 104 | SWIFT_USER=$(keystone user-get swift | grep " id " | get_field 2) |
| 109 | fi | 105 | fi |
| 106 | keystone user-get barbican | ||
| 107 | if [ $? -eq 1 ]; then | ||
| 108 | BARBICAN_USER=$(keystone user-create --name=barbican --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=barbican@domain.com | grep " id " | get_field 2) | ||
| 109 | else | ||
| 110 | BARBICAN_USER=$(keystone user-get barbican | grep " id " | get_field 2) | ||
| 111 | fi | ||
| 110 | 112 | ||
| 111 | # Roles | 113 | # Roles |
| 112 | keystone role-get admin | 114 | keystone role-get admin |
| @@ -158,6 +160,9 @@ keystone user-role-add --tenant_id $SERVICE_TENANT --user-id $HEAT_USER --role-i | |||
| 158 | keystone user-role-list --user-id $SWIFT_USER --tenant_id $SERVICE_TENANT &> /dev/null | 160 | keystone user-role-list --user-id $SWIFT_USER --tenant_id $SERVICE_TENANT &> /dev/null |
| 159 | keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $SWIFT_USER --role-id $ADMIN_ROLE | 161 | keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $SWIFT_USER --role-id $ADMIN_ROLE |
| 160 | 162 | ||
| 163 | keystone user-role-list --user-id $BARBICAN_USER --tenant_id $SERVICE_TENANT &> /dev/null | ||
| 164 | keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $BARBICAN_USER --role-id $ADMIN_ROLE | ||
| 165 | |||
| 161 | # Create services | 166 | # Create services |
| 162 | COMPUTE_SERVICE=$(keystone service-create --name nova --type compute --description 'OpenStack Compute Service' | grep " id " | get_field 2) | 167 | COMPUTE_SERVICE=$(keystone service-create --name nova --type compute --description 'OpenStack Compute Service' | grep " id " | get_field 2) |
| 163 | VOLUME_SERVICE=$(keystone service-create --name cinder --type volume --description 'OpenStack Volume Service' | grep " id " | get_field 2) | 168 | VOLUME_SERVICE=$(keystone service-create --name cinder --type volume --description 'OpenStack Volume Service' | grep " id " | get_field 2) |
| @@ -169,6 +174,7 @@ METERING_SERVICE=$(keystone service-create --name ceilometer --type=metering --d | |||
| 169 | ORCHESTRATION_SERVICE=$(keystone service-create --name heat --type=orchestration --description='OpenStack Orchestration Service' | grep " id " | get_field 2) | 174 | ORCHESTRATION_SERVICE=$(keystone service-create --name heat --type=orchestration --description='OpenStack Orchestration Service' | grep " id " | get_field 2) |
| 170 | CLOUDFORMATION_SERVICE=$(keystone service-create --name heat-cfn --type=cloudformation --description='OpenStack Cloudformation Service' | grep " id " | get_field 2) | 175 | CLOUDFORMATION_SERVICE=$(keystone service-create --name heat-cfn --type=cloudformation --description='OpenStack Cloudformation Service' | grep " id " | get_field 2) |
| 171 | SWIFT_SERVICE=$(keystone service-create --name swift --type=object-store --description='OpenStack object-store' | grep " id " | get_field 2) | 176 | SWIFT_SERVICE=$(keystone service-create --name swift --type=object-store --description='OpenStack object-store' | grep " id " | get_field 2) |
| 177 | BARBICAN_SERVICE=$(keystone service-create --name barbican --type=keystore --description='Barbican Key Management Service' | grep " id " | get_field 2) | ||
| 172 | 178 | ||
| 173 | # Create endpoints | 179 | # Create endpoints |
| 174 | keystone endpoint-create --region $KEYSTONE_REGION --service-id $COMPUTE_SERVICE --publicurl 'http://'"$KEYSTONE_HOST"':8774/v2/$(tenant_id)s' --adminurl 'http://'"$KEYSTONE_HOST"':8774/v2/$(tenant_id)s' --internalurl 'http://'"$KEYSTONE_HOST"':8774/v2/$(tenant_id)s' | 180 | keystone endpoint-create --region $KEYSTONE_REGION --service-id $COMPUTE_SERVICE --publicurl 'http://'"$KEYSTONE_HOST"':8774/v2/$(tenant_id)s' --adminurl 'http://'"$KEYSTONE_HOST"':8774/v2/$(tenant_id)s' --internalurl 'http://'"$KEYSTONE_HOST"':8774/v2/$(tenant_id)s' |
| @@ -181,3 +187,4 @@ keystone endpoint-create --region $KEYSTONE_REGION --service_id $METERING_SERVIC | |||
| 181 | keystone endpoint-create --region $KEYSTONE_REGION --service_id $ORCHESTRATION_SERVICE --publicurl 'http://'"$KEYSTONE_HOST"':8004/v1/%(tenant_id)s' --adminurl 'http://'"$KEYSTONE_HOST"':8004/v1/%(tenant_id)s' --internalurl 'http://'"$KEYSTONE_HOST"':8004/v1/%(tenant_id)s' | 187 | keystone endpoint-create --region $KEYSTONE_REGION --service_id $ORCHESTRATION_SERVICE --publicurl 'http://'"$KEYSTONE_HOST"':8004/v1/%(tenant_id)s' --adminurl 'http://'"$KEYSTONE_HOST"':8004/v1/%(tenant_id)s' --internalurl 'http://'"$KEYSTONE_HOST"':8004/v1/%(tenant_id)s' |
| 182 | keystone endpoint-create --region $KEYSTONE_REGION --service_id $CLOUDFORMATION_SERVICE --publicurl 'http://'"$KEYSTONE_HOST"':8000/v1' --adminurl 'http://'"$KEYSTONE_HOST"':8000/v1' --internalurl 'http://'"$KEYSTONE_HOST"':8000/v1' | 188 | keystone endpoint-create --region $KEYSTONE_REGION --service_id $CLOUDFORMATION_SERVICE --publicurl 'http://'"$KEYSTONE_HOST"':8000/v1' --adminurl 'http://'"$KEYSTONE_HOST"':8000/v1' --internalurl 'http://'"$KEYSTONE_HOST"':8000/v1' |
| 183 | keystone endpoint-create --region $KEYSTONE_REGION --service_id $SWIFT_SERVICE --publicurl 'http://'"$KEYSTONE_HOST"':8888/v1/AUTH_%(tenant_id)s' --adminurl 'http://'"$KEYSTONE_HOST"':8888/v1' --internalurl 'http://'"$KEYSTONE_HOST"':8888/v1/AUTH_%(tenant_id)s' | 189 | keystone endpoint-create --region $KEYSTONE_REGION --service_id $SWIFT_SERVICE --publicurl 'http://'"$KEYSTONE_HOST"':8888/v1/AUTH_%(tenant_id)s' --adminurl 'http://'"$KEYSTONE_HOST"':8888/v1' --internalurl 'http://'"$KEYSTONE_HOST"':8888/v1/AUTH_%(tenant_id)s' |
| 190 | keystone endpoint-create --region $KEYSTONE_REGION --service_id $BARBICAN_SERVICE --publicurl 'http://'"$KEYSTONE_HOST"':9311/v1' --adminurl 'http://'"$KEYSTONE_HOST"':9312/v1' --internalurl 'http://'"$KEYSTONE_HOST"':9313/v1' | ||